Sears investigating possible corporate data breach

Another month, another investigation into a potential corporate data breach at a large U.S. retailer. This time, it’s executives at Sears that are holding their breath.

In an announcement on Feb. 28, executives at Sears said that the company is fighting against a possible hacking attack in its stores. Bloomberg says that two sources familiar with the matter have confirmed that Verizon’s digital forensics unit and the U.S. Secret Service are combing the company’s data to find traces that a hack may have occurred.

According to a spokesman for the company, there is no way yet to determine whether an attack occurred or if it did, how many customers would be affected.

“There have been rumors and reports throughout the retail industry of security incidents at various retailers, and we are actively reviewing our systems to determine if we have been a victim of a breach,” Howard Riefs, a Sears spokesman, said in an e-mailed note to Bloomberg. “We have found no information based on our review of our systems to date indicating a breach.”

Sears has been the victim of 28 straight quarters of declining sales, and a potential data breach would certainly not help their cause. In 2013, the company named hedge fund manager Edward Lampert — who owns 48 percent of Sears Holdings Corp. — as CEO in order to turn around the company.

However, if a breach has in fact occurred, he may have massive litigation on his hands. In an InsideCounsel column, Lawrence T. Gresser and Karen Bromberg of Cohen & Gresser’s write that every company can minimize the legal consequences of a breach through three steps: free credit monitoring, engaging security breach counsel, and formulating an incident response plan.

In addition, wrotes Miriam Smolen and Tom Hibarger of Gilbert LLP, in-house counsel should realize that even a rapid response should stress patience in order to assess all of the data. Rushing through an improper investigation ultimately makes the company’s position worse.

“Attackers often attempt to cover their tracks by deleting files used in the exploit or files that log network activity,” Smolen and Hibarger said. “They may have created new user accounts with deep root access. If they have been in your network for a long time, they may have built multiple backdoors for themselves. In the most sophisticated attacks, incident responders battle the attackers in real time. In cases like these, a data breach may take weeks or months to fully understand and remediate.”

Data breaches are bad news for big business. Learn how to protect yourself with us: